Auditbox - Audit Record Repository

A FHIR-native Audit Record Repository to consolidate healthcare audit logs from multiple sources and answer compliance or security questions in seconds — not weeks.

What's in the box?

Standards-Based Audit Consolidation

Centralize FHIR AuditEvent from your services in one standards-based repository — a single source of truth with consistent schema and lifecycle policies.

Quick FHIR ecosystem integration

Integrate via standard FHIR APIs and AuditEvent resources to reduce mapping and boilerplate.

Complete audit trails

Capture who, what, when, where, and how for every access or change — aligned with ASTM E2147, HIPAA, and GDPR.

Cost-effective log storage

Optimize storage costs while retaining full compliance so that long-term regulatory retention doesn't overload expensive SIEM or database resources.

Fast investigations

Quickly trace user activity with a standardized API and intuitive UI so you can perform audits, reviews, and root-cause analysis without sifting through raw system logs.

Architecture

Standards-based FHIR Audit Event as the data model foundation

{
  "resourceType": "AuditEvent",
  "meta": {
    "profile": [
      "https://profiles.ihe.net/ITI/BALP/StructureDefinition/IHE.BasicAudit.PatientDelete"
    ]
  },
  "type": {
    "system": "http://terminology.hl7.org/CodeSystem/audit-event-type",
    "code": "rest",
    "display": "Restful Operation"
  },
  "subtype": [{
    "system": "http://hl7.org/fhir/restful-interaction",
    "code": "delete",
    "display": "Delete"
  }],
  "action": "D",
  "recorded": "2025-09-10T12:00:00Z",
  "outcome": "0",
  "agent": [{
    "type": {
      "coding": [{
        "system": "http://dicom.nema.org/resources/ontology/DCM",
        "code": "110150",
        "display": "Application"
      }]
    },
    "requestor": true,
    "who": { "reference": "Device/app-server-01" }
  }],
  "source": {
    "observer": { "reference": "Device/audit-source" },
    "type": [{ "code": "4" }]
  },
  "entity": [{
    "what": { "reference": "Patient/example" },
    "type": { "code": "1" },
    "role": { "code": "1" }
  }]
}

Who

Agents (Actors and Roles)

Identifies every person, system, or device involved, including their roles (e.g., clinician, system, device).

Source (Site & Observer)

The system or component that detected and reported the event.

Where

Location

Actual place of the event (e.g., clinic room, device location).

What

Type & Action

What happened (e.g., record accessed, updated, deleted).

Entities (Objects & Details)

Which data or resources were affected, with rich context and security labels.

When

Time & Outcome

When it happened and whether it succeeded or failed.

Why

Authorization

Captures the specific reason each actor (person, system, or device) participated in the event.
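
The Who / Where / What / When / Why breakdown above can be checked mechanically against an incoming AuditEvent. The following is an added example, not Auditbox code: the mapping from headings to FHIR R4 element paths is an assumption, and the sample is a trimmed copy of the AuditEvent shown on this page.

```python
import json

# Constructed sample: the AuditEvent from this page, trimmed to the fields checked.
SAMPLE = json.loads("""
{"resourceType": "AuditEvent",
 "type": {"code": "rest"}, "subtype": [{"code": "delete"}], "action": "D",
 "recorded": "2025-09-10T12:00:00Z", "outcome": "0",
 "agent": [{"requestor": true, "who": {"reference": "Device/app-server-01"}}],
 "source": {"observer": {"reference": "Device/audit-source"}},
 "entity": [{"what": {"reference": "Patient/example"}}]}
""")

# Assumed mapping from the page's headings to FHIR R4 AuditEvent element paths.
W5_PATHS = {
    "who":   ["agent.who", "source.observer"],
    "where": ["agent.location", "source.site"],
    "what":  ["type.code", "subtype.code", "action", "entity.what"],
    "when":  ["recorded", "outcome"],
    "why":   ["purposeOfEvent", "agent.purposeOfUse"],
}

def values_at(resource, path):
    """Collect every value at a dotted path, descending through repeating elements."""
    nodes = [resource]
    for key in path.split("."):
        found = []
        for node in nodes:
            if isinstance(node, dict) and key in node:
                value = node[key]
                found.extend(value if isinstance(value, list) else [value])
        nodes = found
    return nodes

def w5_coverage(event):
    """Map each dimension to the paths that are populated, with their values."""
    coverage = {}
    for dimension, paths in W5_PATHS.items():
        hits = {path: values_at(event, path) for path in paths}
        coverage[dimension] = {p: v for p, v in hits.items() if v}
    return coverage

def missing_dimensions(event):
    """Dimensions with no populated element: gaps an investigator would hit."""
    return sorted(d for d, hits in w5_coverage(event).items() if not hits)

if __name__ == "__main__":
    for dimension, hits in w5_coverage(SAMPLE).items():
        print(f"{dimension:5} {hits if hits else 'MISSING'}")
    print("missing:", missing_dimensions(SAMPLE))
```

Run against the sample, the check reports no populated "where" or "why" element, which is the kind of gap worth catching at ingestion rather than during an investigation.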

Designed for Healthcare Security & Audit Needs

Auditbox adapts to your security and compliance workflows across the full healthcare audit lifecycle.

Automatically ingest FHIR‑native logs from your FHIR services to eliminate fragmented audit trails.

Address
Health Samurai Inc. 1891 N Gaffey St Ste O, San Pedro, CA 90731